8.1
CVE-2024-36913 - Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails
In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails In CoCo VMs it is possible for the untrusted host to cause set_memory_encrypted() or set_memory_decrypted() to fail such that an error is returned and the resulting mβ¦
7.8
CVE-2024-36914 - drm/amd/display: Skip on writeback when it's not applicable
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip on writeback when it's not applicable [WHY] dynamic memory safety error detector (KASAN) catches and generates error messages "BUG: KASAN: slab-out-of-bounds" as writeback connector does not support certain β¦
5.5
CVE-2024-36930 - spi: fix null pointer dereference within spi_sync
In the Linux kernel, the following vulnerability has been resolved: spi: fix null pointer dereference within spi_sync If spi_sync() is called with the non-empty queue and the same spi_message is then reused, the complete callback for the message remains set while the context is cleared, leading tβ¦
5.5
CVE-2024-36025 - scsi: qla2xxx: Fix off by one in qla_edif_app_getstats()
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() The app_reply->elem[] array is allocated earlier in this function and it has app_req.num_ports elements. Thus this > comparison needs to be >= to prevent memory corruption.
5.5
CVE-2024-36903 - ipv6: Fix potential uninit-value access in __ip6_make_skb()
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix potential uninit-value access in __ip6_make_skb() As it was done in commit fc1092f51567 ("ipv4: Fix uninit-value access in __ip_make_skb()") for IPv4, check FLOWI_FLAG_KNOWN_NH on fl6->flowi6_flags instead of testing HDβ¦
4.4
CVE-2024-36022 - kernel: drm/amdgpu: Init zone device and drm client after mode-1 reset on reload
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2024-36937 - xdp: use flags field to disambiguate broadcast redirect
In the Linux kernel, the following vulnerability has been resolved: xdp: use flags field to disambiguate broadcast redirect When redirecting a packet using XDP, the bpf_redirect_map() helper will set up the redirect destination information in struct bpf_redirect_info (using the __bpf_xdp_redirectβ¦
5.5
CVE-2024-36905 - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets
In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets TCP_SYN_RECV state is really special, it is only used by cross-syn connections, mostly used by fuzzers. In the following crash [1], syzbot managed to trigger a divide bβ¦
5.5
CVE-2023-52882 - clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change
In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change While PLL CPUX clock rate change when CPU is running from it works in vast majority of cases, now and then it causes instability. This leads to system crashes and otherβ¦
3.3
CVE-2024-36942 - kernel: Bluetooth: qca: fix firmware check error path
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.